Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/cfd41e-398d-4f1b-9995-1a3ff532bc20/1/zQPRPdJvAESig_xqEedWoqK1aRs.mft
File: zQPRPdJvAESig_xqEedWoqK1aRs.mft (raw, json)
Hash identifier: 9R3ILRbY9VGL8Z55p/BuD8wpr1DA09Bl5636Bzl6aS4=
Subject key identifier: A7:68:AA:CD:1D:43:81:94:FC:DB:8F:FB:AF:04:AE:0E:2A:64:6E:6B
Authority key identifier: CD:03:D1:3D:D2:6F:00:44:A2:83:FC:6A:11:E7:56:A2:A2:B5:69:1B
Certificate issuer: /CN=cd03d13dd26f0044a283fc6a11e756a2a2b5691b
Certificate serial: 019DCE9987F91FBBB50D58828C1DD5FFCF06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQPRPdJvAESig_xqEedWoqK1aRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/cfd41e-398d-4f1b-9995-1a3ff532bc20/1/zQPRPdJvAESig_xqEedWoqK1aRs.mft
Manifest number: 03E3
Signing time: Mon 27 Apr 2026 11:01:01 +0000
Manifest this update: Mon 27 Apr 2026 11:01:01 +0000
Manifest next update: Tue 28 Apr 2026 11:01:01 +0000
Files and hashes: 1: DV_1PU5sghttOAyD5Fk0auja6M4.roa (hash: vyYX2XFHKs4PfXvL2MDa+XaKNUQzIY/+9Y9TmVp9CiU=)
2: zQPRPdJvAESig_xqEedWoqK1aRs.crl (hash: LwxxK8aw4+Ou8Kz4YQNJKxk3GToNdhEz6NHfAbJ0q/Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/cfd41e-398d-4f1b-9995-1a3ff532bc20/1/zQPRPdJvAESig_xqEedWoqK1aRs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/cfd41e-398d-4f1b-9995-1a3ff532bc20/1/zQPRPdJvAESig_xqEedWoqK1aRs.mft
rsync://rpki.ripe.net/repository/DEFAULT/zQPRPdJvAESig_xqEedWoqK1aRs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 11:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ce:99:87:f9:1f:bb:b5:0d:58:82:8c:1d:d5:ff:cf:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd03d13dd26f0044a283fc6a11e756a2a2b5691b
Validity
Not Before: Apr 27 11:01:01 2026 GMT
Not After : Apr 28 11:01:01 2026 GMT
Subject: CN=a768aacd1d438194fcdb8ffbaf04ae0e2a646e6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:4e:e4:7b:02:00:4a:ed:dd:51:ec:9b:a2:a0:
fa:a5:ff:78:cb:1a:d9:c5:fb:39:54:9f:7c:0a:5b:
74:f7:32:eb:00:d9:16:8a:cf:5b:7e:e7:44:97:8d:
a5:fc:af:97:f2:54:d2:c1:2f:ac:91:0c:1b:83:0a:
85:ec:66:8c:7c:44:27:40:5b:35:42:f8:ff:54:47:
9a:a4:56:da:c6:b1:47:1f:be:f0:2c:90:47:c8:a0:
e7:fc:3d:88:66:f8:d8:66:4d:97:4f:c7:0f:6b:9f:
a8:50:71:11:ea:52:7a:06:77:5d:63:16:46:17:11:
16:8c:ba:5a:b8:de:8e:b3:c4:89:95:9a:83:f2:d8:
16:61:c2:58:02:c9:2e:51:89:99:8a:99:97:a2:56:
5c:8e:7d:58:b7:bd:25:1e:e3:62:ab:44:5a:b9:37:
eb:f0:18:10:5d:68:28:a7:01:b6:35:fa:94:2b:89:
fb:b9:a9:1c:65:24:ff:1c:84:76:dd:0e:09:8f:43:
61:b7:1e:2b:d7:da:7e:72:ed:0b:e7:42:05:fc:39:
61:b4:3a:55:0d:fc:15:4f:70:e5:ce:c1:e0:10:2e:
63:77:77:e8:74:45:5b:bb:21:dd:e7:4d:82:c2:18:
92:8f:06:32:f4:84:8c:bd:f4:52:ec:ab:f0:ff:74:
2d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:68:AA:CD:1D:43:81:94:FC:DB:8F:FB:AF:04:AE:0E:2A:64:6E:6B
X509v3 Authority Key Identifier:
keyid:CD:03:D1:3D:D2:6F:00:44:A2:83:FC:6A:11:E7:56:A2:A2:B5:69:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQPRPdJvAESig_xqEedWoqK1aRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/cfd41e-398d-4f1b-9995-1a3ff532bc20/1/zQPRPdJvAESig_xqEedWoqK1aRs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/cfd41e-398d-4f1b-9995-1a3ff532bc20/1/zQPRPdJvAESig_xqEedWoqK1aRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:98:dd:b9:d6:8c:fa:7e:5b:f2:a7:be:df:9d:33:e7:67:20:
8f:71:9d:c0:a8:bb:51:70:7d:90:17:67:3e:93:5e:db:f6:ac:
8b:9a:ca:be:58:8e:a0:61:dd:80:4b:20:85:fc:7a:0d:ff:b2:
38:86:a6:cf:f3:76:3a:ba:4d:33:15:1f:8d:e2:92:83:2e:8b:
08:d0:bb:ca:88:eb:eb:a5:62:43:67:da:e7:d9:8d:22:ab:9b:
ba:a4:99:a3:48:2b:87:bc:48:ba:51:45:b1:c4:ae:24:e5:6c:
25:71:6a:1b:f2:98:fd:68:e9:56:33:29:fe:18:81:48:eb:fe:
b7:0e:8c:19:51:a1:3e:a5:e3:a6:4d:27:f0:ba:02:9d:74:f4:
3d:bb:7a:a8:5b:d1:94:02:3b:08:df:76:3d:9e:68:ba:0e:4d:
85:fc:24:12:f9:e9:6d:f5:43:20:d5:50:33:8a:a0:9c:77:93:
89:2f:67:f6:1d:ea:c9:73:1f:04:95:d7:9c:be:4a:85:19:b9:
36:1f:56:2b:7a:a0:5e:8d:e2:02:b0:df:bf:57:54:cc:46:02:
47:80:af:6c:25:71:4e:34:90:13:79:46:19:34:e3:a3:34:74:
4a:ba:94:e8:a0:0c:24:74:34:09:a0:07:75:e3:f4:e0:7b:1c:
90:f5:33:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3OmYf5H7u1DViCjB3V/88GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMDNkMTNkZDI2ZjAwNDRhMjgzZmM2YTExZTc1NmEyYTJi
NTY5MWIwHhcNMjYwNDI3MTEwMTAxWhcNMjYwNDI4MTEwMTAxWjAzMTEwLwYDVQQD
EyhhNzY4YWFjZDFkNDM4MTk0ZmNkYjhmZmJhZjA0YWUwZTJhNjQ2ZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4k7kewIASu3dUeyboqD6pf94yxrZ
xfs5VJ98Clt09zLrANkWis9bfudEl42l/K+X8lTSwS+skQwbgwqF7GaMfEQnQFs1
Qvj/VEeapFbaxrFHH77wLJBHyKDn/D2IZvjYZk2XT8cPa5+oUHER6lJ6BnddYxZG
FxEWjLpauN6Os8SJlZqD8tgWYcJYAskuUYmZipmXolZcjn1Yt70lHuNiq0RauTfr
8BgQXWgopwG2NfqUK4n7uakcZST/HIR23Q4Jj0Nhtx4r19p+cu0L50IF/DlhtDpV
DfwVT3DlzsHgEC5jd3fodEVbuyHd502CwhiSjwYy9ISMvfRS7Kvw/3QtlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKdoqs0dQ4GU/NuP+68Erg4qZG5rMB8GA1UdIwQY
MBaAFM0D0T3SbwBEooP8ahHnVqKitWkbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelFQUlBkSnZBRVNpZ194cUVlZFdvcUsxYVJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jZmQ0MWUtMzk4ZC00ZjFiLTk5OTUt
MWEzZmY1MzJiYzIwLzEvelFQUlBkSnZBRVNpZ194cUVlZFdvcUsxYVJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jZmQ0MWUtMzk4ZC00ZjFiLTk5OTUtMWEzZmY1MzJiYzIw
LzEvelFQUlBkSnZBRVNpZ194cUVlZFdvcUsxYVJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcJjdudaM
+n5b8qe+350z52cgj3GdwKi7UXB9kBdnPpNe2/asi5rKvliOoGHdgEsghfx6Df+y
OIamz/N2OrpNMxUfjeKSgy6LCNC7yojr66ViQ2fa59mNIqubuqSZo0grh7xIulFF
scSuJOVsJXFqG/KY/WjpVjMp/hiBSOv+tw6MGVGhPqXjpk0n8LoCnXT0Pbt6qFvR
lAI7CN92PZ5oug5NhfwkEvnpbfVDINVQM4qgnHeTiS9n9h3qyXMfBJXXnL5KhRm5
Nh9WK3qgXo3iArDfv1dUzEYCR4CvbCVxTjSQE3lGGTTjozR0SrqU6KAMJHQ0CaAH
deP04HsckPUzdA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 18:28:41 2026 by rpki-client